@Override public int compareTo(Grant o) { int result = grantee.compareTo(o.getGrantee()); if (result == 0) result = permission.compareTo(o.getPermission()); return result; }
private StreamSegmentInformation doGetStreamSegmentInfo(String streamSegmentName) { long traceId = LoggerHelpers.traceEnter(log, "getStreamSegmentInfo", streamSegmentName); S3ObjectMetadata result = client.getObjectMetadata(config.getBucket(), config.getRoot() + streamSegmentName); AccessControlList acls = client.getObjectAcl(config.getBucket(), config.getRoot() + streamSegmentName); boolean canWrite = acls.getGrants().stream().anyMatch(grant -> grant.getPermission().compareTo(Permission.WRITE) >= 0); StreamSegmentInformation information = StreamSegmentInformation.builder() .name(streamSegmentName) .length(result.getContentLength()) .sealed(!canWrite) .lastModified(new ImmutableDate(result.getLastModified().toInstant().toEpochMilli())) .build(); LoggerHelpers.traceLeave(log, "getStreamSegmentInfo", traceId, streamSegmentName); return information; }
private AccessControlList s3AclFromSyncAcl(ObjectAcl syncAcl, boolean ignoreInvalid) { AccessControlList s3Acl = new AccessControlList(); s3Acl.setOwner(new CanonicalUser(syncAcl.getOwner(), syncAcl.getOwner())); for (String user : syncAcl.getUserGrants().keySet()) { AbstractGrantee grantee = new CanonicalUser(user, user); for (String permission : syncAcl.getUserGrants().get(user)) { Permission perm = getS3Permission(permission, ignoreInvalid); if (perm != null) s3Acl.addGrants(new Grant(grantee, perm)); } } for (String group : syncAcl.getGroupGrants().keySet()) { AbstractGrantee grantee = new Group(group); for (String permission : syncAcl.getGroupGrants().get(group)) { Permission perm = getS3Permission(permission, ignoreInvalid); if (perm != null) s3Acl.addGrants(new Grant(grantee, perm)); } } return s3Acl; }
private void setPermission(SegmentHandle handle, Permission permission) { AccessControlList acl = client.getObjectAcl(config.getBucket(), config.getRoot() + handle.getSegmentName()); acl.getGrants().clear(); acl.addGrants(new Grant(new CanonicalUser(config.getAccessKey(), config.getAccessKey()), permission)); client.setObjectAcl( new SetObjectAclRequest(config.getBucket(), config.getRoot() + handle.getSegmentName()).withAcl(acl)); }
public Map<String, List<Object>> toHeaders() { Map<String, List<Object>> headers = new HashMap<String, List<Object>>(); for (Grant grant : grants) { RestUtil.add(headers, grant.getPermission().getHeaderName(), grant.getGrantee().getHeaderValue()); } return headers; } }
acl.addGrants(new Grant(new CanonicalUser(config.getAccessKey(), config.getAccessKey()), READ_WRITE_PERMISSION)); request.setAcl(acl);
private ObjectAcl syncAclFromS3Acl(AccessControlList s3Acl) { ObjectAcl syncAcl = new ObjectAcl(); syncAcl.setOwner(s3Acl.getOwner().getId()); for (Grant grant : s3Acl.getGrants()) { AbstractGrantee grantee = grant.getGrantee(); if (grantee instanceof Group) syncAcl.addGroupGrant(((Group) grantee).getUri(), grant.getPermission().toString()); else if (grantee instanceof CanonicalUser) syncAcl.addUserGrant(((CanonicalUser) grantee).getId(), grant.getPermission().toString()); } return syncAcl; }